package com.ktwlsoft.archivemanage.service.security;

import com.ktwlsoft.archivemanage.domain.business.repositoryService.OperationRepositoryService;
import com.ktwlsoft.archivemanage.domain.dao.entity.OperationLog;
import com.ktwlsoft.archivemanage.payload.operationLog.SaveLogRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {

    private static final Logger logger = LoggerFactory.getLogger(JwtAuthenticationEntryPoint.class);

    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException {
        logger.error("权限认证错误. 错误消息 - {}", e.getMessage());
        OperationRepositoryService.saveLog(new SaveLogRequest(
                OperationLog.OperationType.LOGGING,
                "登录失败",
                "",
                OperationLog.BusinessType.LOGGING
        ));
        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "用户账号或密码错误");
    }
}
